Paul McCabe asked:

Security of VPN (L2TP/IPsec) over Public WiFi ?

This may be a somewhat naive question but:
Is it "reasonably" secure to connect my PC to the office server (Windows 2016) using VPN (L2TP/IPsec) over public WiFi ?

Since using public WiFi (with or without a password) for activities such as browsing and email is a potential security risk, I always use a VPN service when outside of the office.

However, I am not so sure in the case of directly logging into the office server from the outside (to access files or carry out some simple management tasks). My main concern is having access credentials to the office network / server stolen. Let's say in a worst-case scenario the only internet access I have is a WiFi network with no password needed. Is it safe to use this to access the office server via VPN ? In case anyone is wondering I am pretty sure I don’t have any state actors after me !

Comments are appreciated.
ASKER CERTIFIED SOLUTION
McKnife
Paul McCabe

ASKER

That is what I assumed, but reassuring to have it confirmed by an expert. Thank you !
VPN is encrypted traffic, so even over the filthiest (;-) WLAN, it cannot be intercepted in clear text.
Wait, what kind of VPN is that? This could be some funny VPN that does not even use encryption (although it is standard).
I sometimes need to travel through some pretty disgusting WANs so that is good to know !
There may be a small window when your machine is connected to the public wifi and you have not established the VPN.

During that window you should be restricting traffic using the local host firewall, to allow the machine to have only (probably) DHCP and DNS traffic, with no HTTP until the VPN is up. At the same time, the first connection to public WiFi may be intercepted before the VPN starts.
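
One way to apply the host-firewall restriction described in the comment above, as an added example that is not part of the original thread. It assumes the public WiFi is classified as a Public network by Windows; the server address and the rule group name are placeholders.

```powershell
# Run in an elevated PowerShell session on the laptop.
# ASSUMPTION: placeholder address (TEST-NET-3); replace with the office VPN endpoint.
$VpnServer = '203.0.113.10'
$Group     = 'PreVPN-Lockdown'   # hypothetical group name, used for clean removal

# 1. On Public networks, drop outbound traffic unless a rule explicitly allows it.
Set-NetFirewallProfile -Profile Public -Enabled True -DefaultOutboundAction Block

# 2. Allow only what is needed to get an address, resolve names and negotiate IPsec.
$common = @{ Direction = 'Outbound'; Action = 'Allow'; Profile = 'Public'; Group = $Group }
New-NetFirewallRule @common -DisplayName 'PreVPN DHCP' -Protocol UDP -LocalPort 68 -RemotePort 67
New-NetFirewallRule @common -DisplayName 'PreVPN DNS' -Protocol UDP -RemotePort 53
New-NetFirewallRule @common -DisplayName 'PreVPN IKE and NAT-T' -Protocol UDP `
    -RemotePort 500,4500 -RemoteAddress $VpnServer
New-NetFirewallRule @common -DisplayName 'PreVPN ESP' -Protocol 50 -RemoteAddress $VpnServer

# 3. Once the tunnel is up, allow traffic that leaves through the VPN interface.
New-NetFirewallRule -DisplayName 'PreVPN via tunnel' -Group $Group -Direction Outbound `
    -Action Allow -Profile Any -InterfaceType RemoteAccess

# 4. Review: allow rules that were already enabled still pass their traffic,
#    so list them and disable any that should not work before the VPN is up.
Get-NetFirewallRule -Direction Outbound -Enabled True -Action Allow |
    Where-Object { $_.Group -ne $Group } |
    Sort-Object DisplayName |
    Select-Object DisplayName, Profile

# Note: captive-portal sign-in pages are HTTP(S) and are blocked by this setup.

# To undo:
#   Remove-NetFirewallRule -Group $Group
#   Set-NetFirewallProfile -Profile Public -DefaultOutboundAction Allow
```
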
L2TP by itself does not encrypt, IPsec does. My understanding is that L2TP/IPsec is the protocol of choice over PPTP, which is well known to be very insecure. Don't know how authoritative this is but see: https://www.ivpn.net/pptp-vs-l2tp-vs-openvpn This states: "L2TP/IPSEC....is now the recommended replacement for PPTP on Microsoft platforms where data encryption is required."
btan - thank you for the additional detail. I am not an IT expert but what might happen in the "window period" you mention ? Do you mean there is a possibility the credentials for the VPN / server user could be stolen in this period ?
L2TP/IPsec is generally regarded as being secure if openly published pre-shared keys are not used.
For connecting to the server, I am using a "secret" pre-shared key - it is definitely not published.
The window is when the machine is trying to connect to the WiFi to get an IP address before the VPN can be set up. During that, MitM may happen. Possibly credentials may be stolen, and the VPN should be using a certificate.

https://en.m.wikipedia.org/wiki/Man-in-the-middle_attack

The PSK should be safe if it is not revealed to anyone and it is not transmitted across the wire.
  1. Generate a new/different PSK for every VPN tunnel.
  2. Use a password/passphrase generator for the creation of the PSK.
  3. Generate a strong PSK (with at least 30 chars), to resist a brute-force attack
  4. Do NOT send the PSK to your peer over the Internet
  5. There is no need to store the PSK anywhere else. If it is configured on both sides, you can discard it. In the worst case, you need to generate and transfer a new one.

Some info
In enterprise deployments, it is common to either deploy the server certificate to employees' computers alongside the VPN software, or require the employee to make a first connection to the VPN from inside the company network where a MITM attack is not feared. The certificate is then stored in the VPN software configuration and the VPN client will refuse to connect if the server's public key changes.


If you're deploying a VPN service for your own use or for your organization's use, you should take care of provisioning the server certificate at installation time, before you go out in the wild. If a secure network is not available, you'll need to rely on some other communication channel to send the certificate. It could be an email, if that's how you identify users, but it would be best to rely on a pre-existing infrastructure such as GPG keys (send the certificate in a signed email) — which of course only shifts the problem to how to verify the GPG key.

If you're using a cloud-based VPN service, that service should provide you a way to verify their certificate (e.g. a web page served over HTTPS) and should document how to install the certificate or how to verify it on first use. Again, there isn't a single process that all VPN software follow.
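
The PSK rules listed earlier in this comment (a generated key, at least 30 characters, a different one per tunnel), as an added example that is not part of the original thread. The connection name, server address and authentication method are assumptions for illustration.

```powershell
# Generate a PSK from the system CSPRNG and use it for one L2TP/IPsec client connection.
function New-Psk {
    param([ValidateRange(30, 128)][int]$Length = 40)   # rule 3: at least 30 characters
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789'
    # Reject bytes >= 248 so every one of the 62 symbols is equally likely (no modulo bias).
    $limit = 256 - (256 % $alphabet.Length)
    $rng   = [System.Security.Cryptography.RandomNumberGenerator]::Create()
    $buf   = New-Object byte[] 1
    $sb    = New-Object System.Text.StringBuilder
    try {
        while ($sb.Length -lt $Length) {
            $rng.GetBytes($buf)
            if ($buf[0] -lt $limit) {
                [void]$sb.Append($alphabet[$buf[0] % $alphabet.Length])
            }
        }
    } finally {
        $rng.Dispose()
    }
    $sb.ToString()
}

# 30 characters from this 62-symbol alphabet is about 178 bits of entropy;
# the default of 40 characters is about 238 bits.
$psk = New-Psk          # rule 1: call once per tunnel, never reuse a key

# ASSUMPTIONS: 'Office-L2TP', vpn.example.com and MSChapv2 are placeholders.
Add-VpnConnection -Name 'Office-L2TP' -ServerAddress 'vpn.example.com' `
    -TunnelType L2tp -L2tpPsk $psk -EncryptionLevel Required `
    -AuthenticationMethod MSChapv2 -Force

# Rules 4 and 5: show the key once so it can be typed in at the server console,
# then drop it from the session instead of saving or e-mailing it.
Write-Host "PSK (enter on the VPN server, then discard): $psk"
Remove-Variable psk
```
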
From the information you provided, I understand that if the VPN is using a certificate, MITM attack is unlikely. I don't think it is using a certificate at the moment, so I'll need to look into that.
Or, in your last sentence, do you mean that even when using a certificate, credentials can be stolen ?
MitM is less likely with a certificate, since the attacker has to get the private key and be a trusted issuer. A pre-shared secret that is not revealed or leaked by any means can also still reduce MitM. Comparing the two, the former (certificate) is more difficult to intercept. Nonetheless, there is no silver bullet; you have to be careful about the VPN services that are subscribed to as well.
Thank you for commenting. Understand your point about certificates being better than private key. However since the key I am using is completely private (and has a strong randomized password), I think it is sufficient for my situation. Also get your point about having to be careful with commercial VPN services. I will review them. Thank you again for your answers and comments, they are very helpful and much appreciated.